Making the most of not being able to leave the house for very long I’ve been cracking along on getting the basics in place. Unlike a PowerShell module like dbatools, this one doesn’t break down nicely into small lumps so it’s likely that new features will be added in big lumps until we hit a critical mass.
So, I’ve just pushed up a nice big change that shows some of the core features working properly. In the current version we have:
- Creating a database security config from an existing database for the following security principals
- Test the database security config against a database
- Take the test results and generate a list of actions that need to be undertaken to bring the database back inline
- Run a ‘WhatIf ‘ run of the fixes to generate a list of actions to be undertaken
- Apply the fixes to bring a database back in line, with a choice of running all actions, just those that add/grant security measures or just those that drop/revoke security measures
Some code to show how those features currently work:
On the to do list for the next couple of weeks of lockdown are:
- Add fixing functions for roles and objects
- Add Pipeline support
- Add better comment based help
- Allow comparison of config documents
Please get in touch if you’ve got any ideas for features. If you want to lend a hand then I’m happy to take Pull Request over at https://dbasecurityscan.io/.
Please also report any bugs/issues over on github as well.